Feb 27th, 2013, 03:10 PM
Is spring security 3.1.x a hard dependency for 1.0.0-RC2 and later?
Is spring security 3.1.x a hard dependency, or will spring security 3.0.8 or later suffice for the SAML extension?
I'm obviously trying to determine if I need to upgrade our app's spring security dependency in order to use the extension.
Mar 1st, 2013, 03:09 AM
You can still use 3.0.8, but you'd need to make few changes to the default securityContext.xml in the current trunk:
- change schema location of Spring Security to the 3.0 version
- change request-matcher to path-type in the security:filter
- move unsecured pages to the security:http element
For detail see changes to file securityContext.xml in this commit.
Tags for this Thread